Dr Kinglsey Aguoru
Renowned Nigerian-British Information Security Expert, Dr. Kingsley Aguoru has warned against the significant vulnerabilities in Nigeria’s Online Payment system, emphasizing the urgent need for the Central Bank of Nigeria and Economic and Financial Crimes Commission to tackle the risks associated with card PIN usage which pulls a security threat to citizen’s Financial information.
In a Petition obtained, Dr. Aguoru, a highly experienced Chartered Engineer and Director of Information Security, emphasizes the necessity for the Central Bank of Nigeria to restrict card PIN use for online transactions due to inherent security risks
According to him, The existing practice puts Nigerian consumers at risk of various cyber threats, including phishing scams, keylogging, and man-in-the-middle attacks, which can compromise their personal and financial information
“Nigerian payment providers like Paystack, Flutterwave, and Interswitch continue to require card PINs for online transactions, a practice that is virtually obsolete globally,” Aguoru noted in the petition, titled ‘Urgent Call to Ban Card PIN Usage for Online Payments in Nigeria
He stressed that pins are designed to secure ATM and POS transactions, but using them online exposes consumers to cyber threats due to lack of encryption.
The visionary expert, Dr. Aguoru, who introduced one-time passwords for enhanced security in card-not-present transactions, highlighted the pressing concern that prolonged PIN usage provides opportunities for malicious actors to intercept consumer data, leading to identity theft and financial exploitation.
He further emphasized that for enhanced online payment security, Nigerian consumers should exclusively utilize One-Time Passwords (OTPs) or multi-factor authentication methods, abandoning the practice of combining them with card PINs.
‘Combining OTPs with card PINs is unnecessary and risky. Instead, customers should be provided with secure alternatives, such as hardware card readers that generate OTPs independently,” he said.
Aguoru beckoned on the CBN to take immediate steps to enforce these security measures and educate the public on safe online payment practices.
“I respectfully call on the CBN to address these issues by prohibiting web PIN entry for card payments and enforcing OTP or MFA requirements across all payment providers,” he stated.
In Conclusion, he noted that by adopting these measures, Nigeria’s payment systems will be elevated to global best practices, ensuring a secure and protected environment for consumers to conduct transactions.
Eniola Jolaoso